We use cookies. Find out more about it here. By continuing to browse this site you are agreeing to our use of cookies.
#alert
Back to search results
Remote

Sr Info Security Risk Analyst (US, remote)

Syneos Health/ inVentiv Health Commercial LLC
paid time off, sick time, 401(k)
United States, New Jersey, Bridgewater
Nov 24, 2024

Description

Sr Info Security Analyst

Syneos Health is a leading fully integrated biopharmaceutical solutions organization built to accelerate customer success. We translate unique clinical, medical affairs and commercial insights into outcomes to address modern market realities.

Every day we perform better because of how we work together, as one team, each the best at what we do. We bring a wide range of talented experts together across a wide range of business-critical services that support our business. Every role within Corporate is vital to furthering our vision of Shortening the Distance from Lab to Life.

Discover what our 29,000 employees, across 110 countries already know:
WORK HERE MATTERS EVERYWHERE

Why Syneos Health



  • We are passionate about developing our people, through career development and progression; supportive and engaged line management; technical and therapeutic area training; peer recognition and total rewards program.
  • We are committed to our Total Self culture - where you can authentically be yourself. Our Total Self culture is what unites us globally, and we are dedicated to taking care of our people.
  • We are continuously building the company we all want to work for and our customers want to work with. Why? Because when we bring together diversity of thoughts, backgrounds, cultures, and perspectives - we're able to create a place where everyone feels like they belong.


Job Summary

Core to Syneos Health, we drive governance of policies and standards, identify, manage cybersecurity-related risks, and provide assurance to stakeholders. The successful candidate will participate in the information security risk management program to reduce the risks to the level that is acceptable to the organization. The candidate will possess deep knowledge of security control frameworks, stay abreast of the evolving threat landscape, and have past experience working in a cybersecurity risk management, and/or audit environment. They will cooperate with various internal and external stakeholders to ensure that Syneos Health and its third parties meet or exceed internal and external cybersecurity and legal requirements. This role requires a good understanding of information security principles, risk assessment methodologies, and industry best practices.

In addition to the job responsibilities below, this role understands and adapts to an ever-changing cybersecurity risk landscape and helps to evolve Syneos Health's cybersecurity program to meet and address these challenges.

Job Responsibilities:

* Serves as a senior member of the working team for Risk Management within the Governance, Risk, and Assurance (GRA) function.

* Conducts information security risk assessments of IT solutions (third-party and internally developed) and internal processes.

* Assesses information security risks of changes to existing IT solutions.

* Identifies, analyzes, assesses, monitors, and tracks risks in the information security risk register.

* Monitors and tracks risk mitigations to ensure cyber security policies and standards are established, implemented and followed.

* Collaborates with cross-functional teams to ensure risk management practices and IT solutions align with business objectives and compliance requirements.

* Utilizes tools from various processes (e.g. vulnerability management, anti-virus, Secure SDLC, etc.) to verify the presence of risks.

* Periodically reports to internal stakeholders on overall IT solutions risk profile.

* Conducts Information Security Risk Assessment program improvements based on legal, stakeholder, and best practice requirements.

* Collaborates with internal stakeholders (Security Operations, Technology Solutions, Governance, Risk and Assurance, Privacy, Regulatory & Compliance, etc.) and third parties as part of the risk management program.

* Participates in ad-hoc, non-systematic risk assessment requests.

* Stay updated with the latest cybersecurity trends, emerging threats, and industry developments to provide proactive risk mitigation recommendations.

AtSyneos Health, we believe in providing an environment and culture in which Our People can thrive, develop and advance. We reward and recognize our people by providing valuable benefits and a quality-of-life balance. The benefits for this position include a company car or car allowance, Health benefits to include Medical, Dental and Vision, Company match 401k, eligibility to participate in Employee Stock Purchase Plan, Eligibility to earn commissions/bonus based on company and individual performance, and flexible paid time off (PTO) and sick time. Because certain states and municipalities have regulated paid sick time requirements, eligibility for paid sick time may vary depending on where you work. Syneos complies with all applicable federal, state, and municipal paid sick time requirements.

The annual base salary for this position ranges from $72,540 to $145,000. The base salary range represents the anticipated low and high of the Syneos Health range for this position. Actual salary will vary based on various factors such as the candidate's qualifications, skills, competencies, and proficiency for the role.

Qualifications

QUALIFICATION REQUIREMENTS

* Bachelor's degree in computer science, Information Security, or a related field. Relevant certifications such as CISA, CRISC, or ISO 27001 auditor are highly desirable.

* Five years experience working as an Information Security Risk Analyst or in a similar role focused on information security risk management.

* Experience in utilizing tools for risk profile data collection is desirable.

* Experience in utilizing One Trust platform is desirable.

* Good knowledge of cybersecurity principles, governance and regulatory compliance.

* Deep understanding of risk assessment methodologies, vulnerability management, and security control frameworks (e.g., NIST, ISO 27001, COBIT)

* Familiarity with security controls, technologies, and best practices to mitigate cyber risks.

* Proficient in Microsoft Office (Excel, PowerPoint, Word)

* Strong communication and interpersonal skills to collaborate effectively with cross-functional teams and stakeholders.

* Excellent analytical and problem-solving skills

* Ability to work independently as well as collaboratively in a team environment, prioritize tasks, and manage time effectively.

Applied = 0

(web-5584d87848-9vqxv)